package com.ncbee.base.config.shiro;

import com.ncbee.base.model.entity.Resource;
import com.ncbee.base.model.vo.UserInfo;
import com.ncbee.base.model.vo.tableVo.ResourceVo;
import com.ncbee.base.service.UserService;
import org.apache.commons.collections.CollectionUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.util.StringUtils;
import java.util.ArrayList;
import java.util.List;

/**
 * @Author fengzirong
 * @DESC
 * @Date 2018/12/9 14:43
 **/
public class CustomShiroRealm extends AuthorizingRealm {
    private static final Logger logger = LoggerFactory.getLogger(CustomShiroRealm.class);
    @Autowired
    @Lazy
    private UserService userService;

    /**
     * 授权相关
     * @param principalCollection
     * @return
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        logger.info("------------------shiro开始执行授权--------------------------");
        UserInfo userInfo=(UserInfo)principalCollection.getPrimaryPrincipal();
        /**
         * 查询当前用户所拥有的资源
         */
        List<Resource> resourceList=userService.getUserAllResourceById(userInfo.getId());

        List<String> permissionList=new ArrayList();
        if(!CollectionUtils.isEmpty(resourceList)){
            for(Resource resource:resourceList){
                //权限标识符不为空
                if(!StringUtils.isEmpty(resource.getResourceDesc())){
                    permissionList.add(resource.getResourceDesc());
                }
            }
        }
        SimpleAuthorizationInfo authorizationInfo=new SimpleAuthorizationInfo();
        authorizationInfo.addStringPermissions(permissionList);
        return authorizationInfo;
    }
    /**
     * 认证相关
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token=(UsernamePasswordToken)authenticationToken;
        String username=token.getUsername();
        logger.info("--------shiro开始认证当前登录用户----------"+username);
        String password=new String(token.getPassword());
        UserInfo userInfo=userService.userLogin(username,password);
        if(userInfo==null){
            logger.info("---------登录用户不存在--------");
            throw new UnknownAccountException("用户名或者密码不正确");
        }
        String dbPassword=userInfo.getPassword();
        String userPassword= com.ncbee.base.util.StringUtils.getCustomMD5Str(password);
        if(!dbPassword.equals(userPassword)){
            logger.info("---------密码输入不正确--------");
            throw new UnknownAccountException("用户名或者密码不正确");
        }
        if(userInfo.getStatus()!=1){//代表账户被禁用
            logger.info("---------该账户被冻结--------");
            throw new LockedAccountException("账户被冻结");
        }
        List<ResourceVo> menuResource=userService.getUserMenuResource(userInfo.getId());
        userInfo.setMenuList(menuResource);
        AuthenticationInfo info = new SimpleAuthenticationInfo(userInfo, password, getName());
        return info;
    }

}
